Last updated: June 25, 2026
HostSSH is built on a simple principle — your data, your bucket, your exit. This policy explains what we collect to run the service, how we use it, and the controls you have. It is a plain-language baseline; for specific questions email privacy@hostssh.com.
Account data — name, email, and authentication credentials (passwords are stored only as bcrypt hashes; MFA secrets are encrypted).
Operational telemetry — your agent reports host health (CPU/memory/disk), backup and restore-drill status, and deployment/job state so the control plane can show your fleet. This is metadata about your servers, not the contents of your applications or databases.
Support content — messages you send to the in-app assistant or support, plus an optional contact you provide.
Server images & backups — encrypted server images live in storage you connect (BYO bucket). Under zero-knowledge custody we never hold the keys to decrypt them; under escrow custody you opt in explicitly.
To operate, secure, and support the service: authenticate you, render your fleet, run deployments and backups, detect drift, answer support, and meet legal obligations. We do not sell personal data.
Secret connection credentials are stored encrypted and segregated from non-secret configuration. The custody model is explicit per connection — agent-local (the control plane holds no ciphertext), zero-knowledge (we cannot decrypt), or escrow (you opt in). Sessions are signed, httpOnly cookies; agent ↔ control plane traffic is mutually authenticated (mTLS) with certificate pinning.
We use strictly-necessary cookies for authentication. If privacy-respecting product analytics are enabled, they are aggregate and cookieless where possible; this policy will name the provider when one is in use.
Account data is kept while your account is active. Support conversations are pruned on a rolling window. Your server images and backups follow the retention you configure on your own storage — we do not silently delete your data.
You can access, correct, export, or delete your personal data, and object to or restrict processing. Email privacy@hostssh.com and we will respond within a reasonable period. Because of the BYO-storage model, you can also take your encrypted images and leave at any time — your exit is built in.
Questions about this policy: privacy@hostssh.com.